The Agent Skills Directory

[SAFE]: Technical analysis of the skill confirms that the content is legitimate documentation for building GitHub Actions. No malicious patterns, persistence mechanisms, or obfuscation were found.
[EXTERNAL_DOWNLOADS]: The skill references multiple external resources, including official GitHub actions (actions/checkout, actions/upload-artifact) and standard Docker base images (alpine, node, python, golang, ubuntu). These are recognized as trusted or well-known services and do not contribute to a higher severity verdict.
[PROMPT_INJECTION]: The skill identifies the potential for script injection via workflow inputs and provides guidance on mitigation.
Ingestion points: action.yml input fields (referenced in action-metadata.md and entrypoint-scripts.md).
Boundary markers: Documentation recommends using shell quoting for positional arguments.
Capability inventory: Entrypoint shell scripts executed within a Docker container context.
Sanitization: Recommends using unique delimiters (generated via base64) for multi-line outputs to prevent output hijacking.

github-docker-action